CVE-2025-7818

Name of the Vulnerable Software and Affected Versions PHPGurukul Apartment Visitors Management System version 1.0

Description A cross site scripting issue exists due to the manipulation of the categoryname argument within the HTTP POST Request Handler component’s /category.php file. The attack can be launched remotely. The exploit has been disclosed publicly.

Recommendations As a temporary workaround, consider restricting access to the /category.php file to minimize the risk of exploitation. Sanitize the categoryname argument to prevent the injection of malicious scripts.